
Mikhail Egorov
@0ang3el
HTTP smuggling via fake WebSocket connection
github.com
Issues with WebSocket reverse proxying allowing to smuggle HTTP requests - 0ang3el/websocket-smuggle
RT @tinchoabbate: The MOST vulnerable contracts in all DeFi just got upgraded!. ⚙️ New testing env: Solidity 0.8 + Hardhat + Ethers.🌟 4 new….
RT @emil_lerner: Here're slides from my talk at ZeroNights X! A 0-day for GhostScript 9.50, RCE exploit chain for ImageMagick with the defa….
RT @PortSwiggerRes: HTTP/2: The Sequel is Always Worse by @albinowax.
portswigger.net
In this research paper James Kettle introduces multiple new classes of HTTP/2-exclusive attacks, demonstrated on popular websites and servers.
RT @orange_8361: A New Attack Surface on Microsoft Exchange! The series covers most of my Black Hat USA and DEFCON talks (with slides and v….
RT @PortSwiggerRes: Pre-auth RCE in ForgeRock OpenAM (CVE-2021-35464) by @artsploit . #exploit #bugbounty.
portswigger.net
While participating in one private bug bounty program, I discovered a pre-auth RCE in ForgeRock OpenAM server - a popular access management solution for web applications. In this blog post, I'm going
RT @pdiscoveryio: [Release] 𝗣𝗗 𝗔𝗰𝘁𝗶𝗼𝗻𝘀 - Continuous reconnaissance and vulnerability assessment using GitHub Actions. Project:- https://t.….
RT @infosec_au: Check out our blog post on Context Aware Content Discovery - we drop a tool (Kiterunner - https://t….
RT @PortSwiggerRes: New attacks on OAuth: SSRF by design and Session Poisoning by @artsploit
portswigger.net
Intro The OAuth2 authorization protocol has been under fire for the past ten years. You've probably already heard about plenty of "return_uri" tricks, token leakages, CSRF-style attacks on clients, an
RT @infosec_au: My colleague @seanyeoh wrote up his security research on H2C smuggling and the various cloud providers he successfully expl….
assetnote.io
RT @emil_lerner: I got $15k #bugbounty for being able to execute a single shell command on my own laptop! That command was "man qemu-img".….
RT @infosec_au: Thanks to everyone that tuned into my talk on Hacking IIS at #NahamCon2021. The slides for my talk are available here: http….
drive.google.com
RT @orange_8361: I know there are lots of people waiting for the recent Microsoft Exchange pre-auth RCE on our side. This is a short adviso….
proxylogon.com
ProxyLogon - The latest pre-authenticated Remote Code Execution vulnerability on Microsoft Exchange Server
RT @PortSwigger: Blog post: mapping out Burp Suite's crawler. This is a deep dive into the crawler, which is at the heart of Burp Suite's c….
portswigger.net
At the core of Burp Suite is Burp Scanner - a powerful tool designed to reduce the number of manual steps users have to take to discover vulnerabilities in their targets. Burp Scanner was first releas
RT @emil_lerner: I'm releasing my tool that detects HTTP Request Smuggling opportunities that arise during HTTP/2 -> HTTP/1.1 conversion by….
github.com
Contribute to neex/http2smugl development by creating an account on GitHub.
RT @theBumbleSec: Just when you thought JSON was the one thing you could trust. My latest research on JSON interoperability vulnerabilities….
bishopfox.com
Learn more about how the same JSON document can be parsed with different values across microservices, leading to a variety of potential security risks.
RT @fransrosen: We did some fun tricks with nginx on bug bounties a while back, and made a post about out the configurations being vulnerab….
labs.detectify.com
We found some interesting middleware misconfigurations and potential exploits affecting Nginx web servers, load balancers, and proxies.